Full-Time

Application Security Engineer

Confirmed live in the last 24 hours

phia

phia

11-50 employees

Provides cybersecurity solutions for government agencies

Cybersecurity

Senior

Remote in USA

Remote work allowed from anywhere within the United States.

US Citizenship, US Top Secret Clearance Required

Category
Cybersecurity
IT & Security
Required Skills
Bash
Python
Java
C#
Selenium
Linux/Unix
Requirements
  • 6+ years of Information Technology experience
  • 3+ years of experience with Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and IDE Plug-in environments, particularly using Veracode
  • 2+ years of hands-on experience with Java, Python, .NET, or C#
  • 3+ years of proficiency with Burp Suite for application security testing
  • 3+ years of experience designing and implementing enterprise-wide security controls
  • Expertise in securing enterprise web applications and thorough knowledge of OWASP Top 10, CVSS, CWE, WASC, and SANS-25
  • Familiarity with federal compliance standards, including NIST 800-53, FIPS, and FedRAMP
  • Proficiency in Linux or UNIX environments, including troubleshooting website connectivity issues
  • Experience with development environments such as Eclipse, JDeveloper, or Visual Studio
  • Strong understanding of CI/CD pipeline security integration
  • U.S. citizenship and ability to obtain a Public Trust clearance
  • Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field
  • Experience with Interactive Application Security Testing (IAST) tools and methodologies
  • Proficiency with Selenium for automated testing
  • Skill in writing bash scripts for security automation
  • Hands-on experience with OWASP ZAP or Burp Proxy
  • Certifications in application security or related fields (e.g., CSSLP, OSCP, GWAPT)
Responsibilities
  • Collaborate with the federal client and application teams to maintain a robust security posture for high-visibility applications
  • Lead proactive security discussions with development teams to integrate best practices throughout the software development lifecycle
  • Conduct comprehensive application security assessments using dynamic and static testing methodologies
  • Perform threat modeling and security requirements analysis using tools like SD Elements
  • Execute in-depth application penetration testing using industry-standard tools such as Burp Suite
  • Implement and leverage the latest OWASP frameworks to enhance application security
  • Develop and maintain security controls to protect applications, systems, and infrastructure services
  • Provide expert guidance on remediating identified security flaws and vulnerabilities
  • Stay current with evolving security threats and compliance standards to ensure continuous improvement of security measures

phia LLC specializes in delivering tailored cyber assessments, proactive cybersecurity operations, security engineering, and advisory services, leveraging threat intelligence, operational realities, and industry best practices to counter advanced cyber threats for mission-critical teams within various government agencies. The company's main product focuses on providing sophisticated cyber solutions through intelligence-driven approaches and industry standards, utilizing a variety of frameworks informed by threat intelligence and operational realities.

Company Stage

N/A

Total Funding

N/A

Headquarters

Louisville, Kentucky

Founded

2011

Simplify Jobs

Simplify's Take

What believers are saying

  • Increased demand for zero-trust models boosts Phia's cybersecurity service relevance.
  • AI-driven threat detection interest aligns with Phia's cyber intelligence capabilities.
  • Surge in cyber insurance needs enhances demand for Phia's robust security offerings.

What critics are saying

  • Emerging firms with lower-cost solutions threaten Phia's market share.
  • AI evolution in cyber threats requires Phia's constant tech adaptation and investment.
  • Skilled cybersecurity professional shortage may impact Phia's service delivery.

What makes phia unique

  • Phia offers comprehensive cybersecurity and intelligence services, covering multiple critical areas.
  • The company excels in process management and systems administration for supply chain security.
  • Phia's engineering and development services align with the rise in cloud-native security solutions.

Help us improve and share your feedback! Did you find this helpful?